Using Snort IDS to create rules against a PCAP file

終了

1. Install Snort under Ubuntu or Mint. Actually you can install it under ANY Linux

2. Create the rules based on the policies below.

3. Download the file packet capture file. Unzip it.

4. Run Snort using your rules for the packet

HERE ARE THE SPECIFIC REQUIREMENTS FOR YOUR INTRUSION DETECTION RULES:

You are to create several intrusion detection rules. Create these in a text file called '[url removed, login to view]' located under /etc/snort/rules. Develop rules that implement the following policies:

1. alert on any incoming pings to the server from .128. Your message should indicate: ".128 pinging the server."

2. alert on any ftp traffic with the SYN flag set, from .128 to the server. Message should read: ".128 attempt to FTP to server."

3. alert on any telnet traffic with the SYN flag set, from .128 to the server. Message should read: ".128 attempt to telnet to server."

4. alert on any ssh traffic containing the keyword "SSH-2", from .128 to the server. Message should read: ".128 attempt to SSH to server."

5. alert on any http traffic from .128 with the SYN flag set, from .128 to the server. Message should read: .128 attempt to the web server."

6. alert on any http traffic with the SYN flag set from the CLASS A private network (10.0.0.0/8) to the server. Message should read "Possible DDOS."

7. alert on any DNS traffic from [url removed, login to view] to the local DNS server (172.16.136.1) that contains the keyword "ubuntu." Message should read "DNS Query Ubuntu."

8. alert on any packets from .128 to the server containing the text "[url removed, login to view]"

9. alert on any ftp traffic from the .128 to the server that contains the keyword "pfarnsworth". Message should read "Pfarnsworth over ftp".

10. alert on any ssh traffic from .128 to the server with the FIN and ACK flags set. Message should read "F/A for SSH teardown."

See the attachment for details. ANYTHING LESS IS NOT ACCEPTED FOR COMPLETING THE PROJECT>

スキル: Linux

さらに表示: create check quickbooks using iif file, script create multiple accounts using excel file, create flash quiz using xml question file, create wordpress template using psd file, create sms website using aspnet, create image swapping using flash, create report php using pdf, create registration form using mysql, create simple banner using css, create contact form using formailpl, create website voting using java mysql tomcat, create dyanamic website using php, create online admission using php javascript html, create floor plan using autocad, create flyers trifolds using adobe photoshop

プロジェクトID: #12161303

アワード:

ianoc

Good day! I've read your project description and I am very much interestd in getting this work done for you. I have an enormous amount of experience in Network security especially in linux environments and I see no もっと

$210 USD 3日以内
(3レビュー)
3.0

この仕事に、2人のフリーランサーが、平均$227で入札しています。

abdulrehman135

I have carefully read your problem statement and your requirements. I am new freelancer but know Linux and how to work with snort. I am interested in doing your project. I am available in email at any time. I am avai もっと

$244 USD 10日以内
(0件のレビュー)
0.0